OpenAPI
Expose oRPC procedures as REST endpoints
Overview
OpenAPI generation is handled by @orpc/openapi and filtered to procedures that explicitly define .route(...).
Minimum Requirements
For each exposed procedure:
- Add
.route({...}). - Define explicit
.input(...)and.output(...)schemas. - Avoid OpenAPI-incompatible schema transforms in output definitions.
Example
import { authProcedure, createRPCRouter } from "@/rpc/procedures/rpc";
import { actionResponseSchema } from "@/lib/utils/schema-utils";
import { OpenAPITags } from "@/rpc/tags";
import { z } from "zod";
export const myRouter = createRPCRouter({
getById: authProcedure
.meta({ rateLimit: "QUERY", acceptApiKey: true })
.route({
method: "GET",
path: "/my-resource/{id}",
tags: [OpenAPITags.Auth],
summary: "Get resource by id",
description: "Returns one resource",
spec: {
security: [{ bearerAuth: [] }],
},
})
.input(z.object({ id: z.string().uuid() }))
.output(actionResponseSchema(z.object({ id: z.string().uuid() })))
.query(async ({ input }) => {
return { success: true, payload: { id: input.id } };
}),
});API Key Support
Enable API key authentication per procedure with:
.meta({ acceptApiKey: true })Then call the endpoint using:
x-api-key: pk_...Generated Endpoints
- JSON schema:
/api/openapi.json - REST runtime prefix:
/api/<path-from-route>
Config Flags
- Disable OpenAPI entirely:
Config.Auth.DISABLE_OPENAPI = true - Include non-routed procedures in schema:
Config.Api.LIST_UNEXPOSED_PROCEDURES_IN_OPENAPI = true